I have an Android app with a back-end server running ASP.NET MVC. User authentication and authorization in back-end is done with ASP.NET Identity 2 framework.
How can I securely register/login users from within Android app? In Android app I am using OkHttp to communicate with server.
Asked
Active
Viewed 477 times
0
Ali Behzadian Nejad
- 8,804
- 8
- 56
- 106
-
You can us REST api with in your server. In your mobile use volley and at most, you can encrypt data being send from your device. Try sending passwords in hash form. – Basu May 03 '16 at 21:58
-
What is the actual hashing mechanism in identity framework? How can I implement that in Java? – Ali Behzadian Nejad May 04 '16 at 05:49
-
Read this about hashing: http://stackoverflow.com/a/20622428/809357 but why would you want to implement it in Java if you are using Identity framework anyway? – trailmax May 04 '16 at 10:53
-
I want to hash password and then encrypt it so that while transferring password, no one can view raw password. So hashing algorithm in Java must be exactly the same as what that Identity2 uses for hashing. – Ali Behzadian Nejad May 04 '16 at 11:56